package com.vdong.trade.order.common.security;


import com.vdong.trade.order.common.contract.ApiContract;
import org.lamb.framework.core.config.LambSpringSecurityConfig;
import org.lamb.framework.core.security.AuthTokenReactiveAuthorizationManager;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.web.server.ServerHttpSecurity;

import javax.annotation.Resource;


/**
 * @program: decisionsupportsystem
 * @description: spring权限框架配置
 * @author: Mr.WangGang
 * @create: 2018-08-29 17:08
 **/
@Configuration
public class SpringSecurityConfig extends LambSpringSecurityConfig {


    @Resource
    private AuthTokenReactiveAuthorizationManager authTokenReactiveAuthorizationManager;


    @Override
    public void strategy(ServerHttpSecurity http) {

        /*http.authorizeExchange().pathMatchers("/login").permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000000).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000001).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000002).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000003).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000004).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000005).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000006).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000007).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000008).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000009).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000010).permitAll();
        http.authorizeExchange().pathMatchers(ApiContract.I000000011).permitAll();*/
        //其余被ACCESS拦截
        http.authorizeExchange().anyExchange().access(authTokenReactiveAuthorizationManager);
    }
}